Thread: Heads Up**Backdoor.WinShell.50

  1. #1
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744

    Heads Up**Backdoor.WinShell.50

    Hi Guys..
    As per my usual Heads up.. only Higher risk Threats are listed here.. ie Symantec's Cat 2 or higher.. I have not included the links to the McAfee and KAV reports on this one..

    Backdoor.WinShell.50

    Symantec Info Page


    This one's entry is due to its damage capability.

    Threat Assessment
    Wild:- Low
    Damage:- Medium
    Distribution:- Low


    Threat containment: Easy
    Removal: Moderate

    Damage

    Payload:
    Compromises security settings: Allows unauthorized commands to be remotely executed.

    Summary of Threat
    Backdoor.WinShell.50 is a server program that allows unauthorized access to an infected computer.

    The Backdoor will listen on port 8719.

    This piece of malware, along with Trojan.Stealther, has recently been found on systems which have been exploited by the Microsoft DCOM RPC vulnerability.

    NOTE: Virus definitions dated August 6, 2003 may detect this as Backdoor.Winshell.


    Also Known As: Backdoor.Winshell.50 [KAV], BackDoor-TC [McAfee]

    Type: Trojan Horse
    Infection Length: 14,168 bytes

    Systems Not Affected: Linux, Macintosh, OS/2, UNIX

    Technical Details
    Opens Port 8719 to listen for remote commands that it will issue to a command shell.


    Cheers
    "Consumer technology now exceeds the average person's ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
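Added example (not part of the original post or of Symantec's write-up): a defender-side check that reads Windows `netstat -ano` output and reports TCP sockets whose local port is 8719, the listening port given above. The sample output, addresses and PIDs are constructed for illustration.

```python
import re

BACKDOOR_PORT = 8719  # listening port stated in the write-up above

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:8719           0.0.0.0:0              LISTENING       1532
  TCP    192.168.1.20:8719      203.0.113.7:4021       ESTABLISHED     1532
  TCP    192.168.1.20:1045      198.51.100.9:8719      ESTABLISHED     2210
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:8719           *:*                                    1100
"""

# TCP rows only: proto, local addr:port, foreign addr:port, state, PID.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\w+)\s+(\d+)\s*$")

def find_port_activity(netstat_text, port=BACKDOOR_PORT):
    """Return TCP rows whose LOCAL port matches: the listener and inbound sessions."""
    hits = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        local_ip, local_port, remote_ip, remote_port, state, pid = m.groups()
        if int(local_port) != port:
            continue  # a matching *remote* port is an outbound client, not the listener
        hits.append({
            "local": f"{local_ip}:{local_port}",
            "remote": f"{remote_ip}:{remote_port}",
            "state": state,
            "pid": int(pid),
        })
    return hits

def listener_pids(netstat_text, port=BACKDOOR_PORT):
    """PIDs that own a LISTENING socket on the port."""
    return sorted({h["pid"] for h in find_port_activity(netstat_text, port)
                   if h["state"] == "LISTENING"})

if __name__ == "__main__":
    for h in find_port_activity(SAMPLE_NETSTAT):
        print(h["state"], h["local"], "<-", h["remote"], "pid", h["pid"])
```

A listener on this port is an indicator to investigate, not proof of infection; map the reported PID to its executable (for example with `tasklist`) and scan that file.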

  2. #2
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Didn't mean to steal your thunder- I searched on the McAfee name (Stealther) before posting my thread.

    This one is pretty sneaky because once you have it, it is very hard to tell if you have it. You almost need to boot all machines to Safe Mode to check them out.

  3. #3
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    That's why I couldn't find it..

    But then again I have been getting a bit lazy

    cheers
    "Consumer technology now exceeds the average person's ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
